But given that GCHQ has – like America’s NSA – been closely linked with allegations of indiscriminate surveillance, and of invading the privacy of innocent citizens in the name of national security, some organizations and individuals may well balk at the idea of their cyber security being so closely intertwined with the United Kingdom agency and its planned firewall.
Advertisement
The plan has been proposed by Ciaran Martin, the director general of cyber at GCHQ, at the Billington cybersecurity conference in Washington. What better way of providing automated defences at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses?’
“Consumers must have a choice”. Any DNS filtering would have to be opt out based.
GCHQ’s Martin, however, is keen to stress that privacy concerns and citizen choice will be hardwired into the project and that the initiative would be private-sector led.
It is unclear how far along this project is or when it will be introduced, but such a move is notable for the top-level approach in the NCSC remit.
“The Government does not own or operate the Internet”.
Martin also revealed that the United Kingdom is looking into the “lawful and carefully governed use” of offensive cyber weapons, and that the U.S. and United Kingdom will work together on this project.
To fight back, the NCSC is turning to “active cyber-defence”.
The information security arm of GCHQ, CESG, has approved professional services company PwC to provide cyber incident response services to organisations that have come under serious cyber attack.
“Collaboration between industry and government is essential when responding to targeted cyber attacks with the potential to impact our national economy and security”, said PwC cyber security partner Kris McConkey.
However, he went on to say that he “knows” such an attack will take place given the proliferation of attacks.
During the course of a speech at the Billington Cyber Security Summit in Washington, Ciaran Martin – the CEO of the UK’s new National Cyber Security Centre (NCSC) – said that the United Kingdom is moving towards more active defence in cyberspace.
Advertisement
The NCSC has already developed a plan to create automated defences that will offer protection from the high-volume but often unsophisticated cyber attacks that are a nuisance to the country.
